[all-commits] [llvm/llvm-project] 51d15d: [analyzer] Fix assertion failure in `CXXInstanceCa...

Balazs Benics via All-commits all-commits at lists.llvm.org
Sat Nov 4 03:11:38 PDT 2023 

  Branch: refs/heads/main
  Home:   https://github.com/llvm/llvm-project
  Commit: 51d15d13dea4325d1f76353af847d9de0b532e87
      https://github.com/llvm/llvm-project/commit/51d15d13dea4325d1f76353af847d9de0b532e87
  Author: Balazs Benics <benicsbalazs at gmail.com>
  Date:   2023-11-04 (Sat, 04 Nov 2023)

  Changed paths:
    M clang/lib/StaticAnalyzer/Core/CallEvent.cpp
    M clang/lib/StaticAnalyzer/Core/SValBuilder.cpp
    M clang/test/Analysis/builtin_bitcast.cpp

  Log Message:
  -----------
  [analyzer] Fix assertion failure in `CXXInstanceCall::getCXXThisVal` (#70837)

Workaround the case when the `this` pointer is actually a `NonLoc`, by
returning `Unknown` instead.
The solution isn't ideal, as `this` should be really a `Loc`, but due to
how casts work, I feel this is our easiest and best option.

As this patch presents, I'm evaluating a cast to transform the `NonLoc`.
However, given that `evalCast()` can't be cast from `NonLoc` to a
pointer type thingy (`Loc`), we end up with `Unknown`.
It is because `EvalCastVisitor::VisitNonLocSymbolVal()` only evaluates
casts that happen from NonLoc to NonLocs.

When I tried to actually implement that case, I figured:
1) Create a `SymbolicRegion` from that `nonloc::SymbolVal`; but
`SymbolRegion` ctor expects a pointer type for the symbol.
2) Okay, just have a `SymbolCast`, getting us the pointer type; but
`SymbolRegion` expects `SymbolData` symbols, not generic `SymExpr`s, as
stated:

> // Because pointer arithmetic is represented by ElementRegion layers,
> // the base symbol here should not contain any arithmetic.

3) We can't use `ElementRegion`s to perform this cast because to have an
`ElementRegion`, you already have to have a `SubRegion` that you want to
cast, but the point is that we don't have that.

At this point, I gave up, and just left a FIXME instead, while still
returning `Unknown` on that path.
IMO this is still better than having a crash.

Fixes #69922

More information about the All-commits mailing list